tradecraft and subversion

[full-disclosure () lists netsys com (sockz loves you)]

----- Original Message -----
From: aliver () xexil com
Date: Mon, 26 Aug 2002 21:31:40 -0700 
To: Full Disclosure <full-disclosure () lists netsys com>
Subject: [Full-disclosure] tradecraft and subversion

>       Personally, I've enjoyed the (few) posts with some actual code in
> them. Anyone who reads my posts knows that I'm usually (depending on the
> situation) against releasing vulnerabilities and exploit code to the
> public or to vendors. I consider myself a non-criminal blackhat since I

a "non-criminal blackhat"... dude, there's no such thing.  quit fantasising.

> code "toolz" but don't use them illegally. Of course my efforts are for
> research purposes only, and if someone else decides to use my tools
> illegally, then they are a bad bad person and I just couldn't condone that
> at all, no sir, not at all, honest. I'm not a huge exploit coder, but I

so in other words you're just a normal computer geek/nerd/whatever.  you have
the intelligence, but lack the guts to go either way (black or white).  that
doesn't make you a hacker.  it makes you "someone who can do use computers".
no more.  possibly less.

> have written a couple for fun, not profit. I'm more interested in tools
> with a dark flavor since they aren't going to be used by jerkish vendors
> to fix their products (at least, they aren't as likely to be). To my

my favourite flavour is strawberry.  do you have anything to accomodate my
tastes?

(snip)
>       Okay, that said, I'm working on a few projects and if anyone has
> feedback, code, or advice concerning them; I'd appreciate it. I'd usually
> take this kind of thing to somewhere like vuln-dev, but due to the recent
> corporate ownership and the loss of Blue Boar, well, screw that. Anyhow,
> here goes nothing:

let me get this right... cuz i think i'm missing something here... you claim to
be (in your own words) a "non-criminal blackhat" who posts to vuln-dev and Full
Disclosure for free advice in relation to your own "projects"?  dude, thats
fucked up.  *spins out*  i hate to break it to you, aliver, but you're not a
hacker at all.  you're really just whitehat trash...

> Anyhow, the basic concept is that "spat"  sits on a given port and acts
> like an SMTP, POP3, IMAP, FTP, or whatever server. When clients connect to
> this server, the server attempts to exploit and own them.

...that or you're a moron for telling everyone about your spat project...
 
> Project "xxtleet" (pronounced "zeetleet"):
> leetspeak rant of about 24k - 40k. Any ideas on the lexigraphic engine or
> the encoding scheme would be appreciated.

...then again the two labels go hand-in-hand, really.
 
> Oh, one last thing. I think this sort of thing would probably annoy the
> type of people on the list that I'm not really that fond of. So, if you
> have feedback, and you don't mind, just post it straight to the list. You
> can feel free to email me privately, too. Thanks.

do you always expect everyone to go out of their way to look after your
interests?  i bet your mother gave you everything you wanted as a child.  cuz
you dont really seem to be any kind of blackhat to me.  in fact, i'd be more
inclined to label you as a 'spoiled brat'.  you should quit relying on other
ppl to do your own homework.  its really quite pathetic.
-- 
__________________________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup